<div dir="ltr">depends on where the script is loaded from? I have http js calling https APIs without much trouble</div><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, May 8, 2014 at 9:34 AM, Smith, John <span dir="ltr"><<a href="mailto:J.J.Smith@gcu.ac.uk" target="_blank">J.J.Smith@gcu.ac.uk</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">It might still have security implications on latest browsers where XOT sits on http and access Flickr on https... similar to recent Youtube etc problems...<br>
<br>
Regards,<br>
<br>
John Smith | Learning Technologist<br>
Room A251, Govan Mbeki Building | School of Health & Life Sciences | Glasgow Caledonian University<br>
Cowcaddens Road | Glasgow | G4 0BA<br>
<br>
Please address ALL support requests to <a href="mailto:hlsblt@gcu.ac.uk">hlsblt@gcu.ac.uk</a> where one of the School Learning Technologists will pick up the job. This will ensure that all jobs are completed as promptly as possible.<br>
________________________________________<br>
From: <a href="mailto:xerte-dev-bounces@lists.nottingham.ac.uk">xerte-dev-bounces@lists.nottingham.ac.uk</a> [<a href="mailto:xerte-dev-bounces@lists.nottingham.ac.uk">xerte-dev-bounces@lists.nottingham.ac.uk</a>] On Behalf Of Julian Tenney [<a href="mailto:Julian.Tenney@nottingham.ac.uk">Julian.Tenney@nottingham.ac.uk</a>]<br>
<div class="">Sent: 08 May 2014 09:26<br>
To: For Xerte technical developers<br>
</div>Subject: [Xerte-dev] Re: Flickr API Going SSL-Only on June 27th, 2014<br>
<div class=""><br>
Yep, seems to work on our server,<br>
<br>
J<br>
<br>
From: Tenney Julian<br>
Sent: 08 May 2014 08:59<br>
To: 'For Xerte technical developers'<br>
Subject: RE: Flickr API Going SSL-Only on June 27th, 2014<br>
<br>
It appears as simple as changing the url to https from http. I’ve committed those changes, but not tested,<br>
<br>
</div>From: <a href="mailto:xerte-dev-bounces@lists.nottingham.ac.uk">xerte-dev-bounces@lists.nottingham.ac.uk</a><mailto:<a href="mailto:xerte-dev-bounces@lists.nottingham.ac.uk">xerte-dev-bounces@lists.nottingham.ac.uk</a>> [mailto:<a href="mailto:xerte-dev-bounces@lists.nottingham.ac.uk">xerte-dev-bounces@lists.nottingham.ac.uk</a>] On Behalf Of Julian Tenney<br>
<div class="">Sent: 08 May 2014 08:45<br>
</div>To: For Xerte technical developers (<a href="mailto:xerte-dev@lists.nottingham.ac.uk">xerte-dev@lists.nottingham.ac.uk</a><mailto:<a href="mailto:xerte-dev@lists.nottingham.ac.uk">xerte-dev@lists.nottingham.ac.uk</a>>)<br>
<div class="">Subject: [Xerte-dev] FW: Flickr API Going SSL-Only on June 27th, 2014<br>
<br>
This is going to have an impact I think. I’ll investigate.<br>
<br>
From: Flickr Mail [mailto:<a href="mailto:no-reply-flickrmail@flickr.com">no-reply-flickrmail@flickr.com</a>]<br>
Sent: 07 May 2014 18:19<br>
</div>To: <a href="mailto:julian.tenney@nottingham.ac.uk">julian.tenney@nottingham.ac.uk</a><mailto:<a href="mailto:julian.tenney@nottingham.ac.uk">julian.tenney@nottingham.ac.uk</a>><br>
<div class="">Subject: Flickr API Going SSL-Only on June 27th, 2014<br>
<br>
We see that you own an active API key for the Flickr API, and wanted make sure you know about some upcoming changes to the API related to SSL.<br>
<br>
</div>As you may have read on the Flickr code blog<<a href="http://code.flickr.net/2014/04/30/flickr-api-going-ssl-only-on-june-27th-2014/" target="_blank">http://code.flickr.net/2014/04/30/flickr-api-going-ssl-only-on-june-27th-2014/</a>>, we've updated all of the API endpoints to fully support SSL. You no longer need to use a special subdomain to access the API securely, and we want to make sure that all API communication adopts SSL.<br>
<div class=""><br>
Many of you have moved over to using SSL already, which is great! If you haven't, it shouldn't be much more work than updating your apps to call the API at: <a href="https://api.flickr.com/" target="_blank">https://api.flickr.com/</a><br>
<br>
We'll be updating the blog with information as we get close to the switchover date, but here's the most important info:<br>
<br>
New API keys will be issued for HTTPS access only: as of 6 May 2014<br>
First blackout test window: 3 June 2014, 10:00-12:00 Pacific Daylight Time (PDT)<br>
Second blackout test window: 17 June 2014, 18:00-20:00 (PDT)<br>
Non-SSL API deprecated: 27 June 2014, 10:00 (PDT)<br>
<br>
During the blackout tests and after the 27th of June, calls to the Flickr API that are not over SSL will fail with an HTTP error code 403. We will also return an error message with (Flickr) code 95 and msg "SSL is required".<br>
<br>
Here are example error responses:<br>
<br>
XML (REST):<br>
<br>
<?xml version="1.0" encoding="utf-8" ?> <rsp stat="fail"> <err code="95" msg="SSL is required" /> </rsp><br>
<br>
JSONP:<br>
<br>
jsonFlickrApi({ "stat": "fail", "code": "95", "message": "SSL is required" })<br>
<br>
JSON:<br>
<br>
{ "stat": "fail", "code": "95", "message": "SSL is required" }<br>
<br>
</div>We realize that this change might be more difficult for some. We will follow the Developer Support Group<<a href="https://groups.yahoo.com/neo/groups/yws-flickr/info" target="_blank">https://groups.yahoo.com/neo/groups/yws-flickr/info</a>> closely, so please let us hear your questions.<br>
<br>
If you have a question about the API transition to SSL that you feel is unique to your situation or is more appropriate to handle via conversation directly with Flickr, send an email to <a href="mailto:flickr-api-help@yahoo-inc.com">flickr-api-help@yahoo-inc.com</a><mailto:<a href="mailto:flickr-api-help@yahoo-inc.com">flickr-api-help@yahoo-inc.com</a>>. We will monitor that mailbox through July 2014.<br>
<div class=""><br>
Thank you for being a member of our API community,<br>
The Flickreenos<br>
<br>
</div>Glasgow Caledonian University is a registered Scottish charity, number SC021474<br>
<br>
_______________________________________________<br>
Xerte-dev mailing list<br>
<a href="mailto:Xerte-dev@lists.nottingham.ac.uk">Xerte-dev@lists.nottingham.ac.uk</a><br>
<a href="http://lists.nottingham.ac.uk/mailman/listinfo/xerte-dev" target="_blank">http://lists.nottingham.ac.uk/mailman/listinfo/xerte-dev</a><br>
This message and any attachment are intended solely for the addressee and may contain confidential information. If you have received this message in error, please send it back to me, and immediately delete it. Please do not use, copy or disclose the information contained in this message or in any attachment. Any views or opinions expressed by the author of this email do not necessarily reflect the views of the University of Nottingham.<br>
<br>
This message has been checked for viruses but the contents of an attachment<br>
may still contain software viruses which could damage your computer system, you are advised to perform your own checks. Email communications with the University of Nottingham may be monitored as permitted by UK legislation.<br>
<br>
<br>
<br>
<br>
</blockquote></div><br></div>